Threats Tagged 'ghsa-v6r2-jh58-xx6w'
View all threats tagged with 'ghsa-v6r2-jh58-xx6w'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'ghsa-v6r2-jh58-xx6w'
Click on any threat for detailed analysis and mitigation recommendations
GHSA-v6r2-jh58-xx6w: OpenClaw's marketplace runtime extension metadata could point at unscanned payloadsCVE-2026-53810 0 OpenClaw's marketplace runtime extension metadata in versions prior to 2026.5.18 could reference unscanned payloads, allowing a trusted operator's selected package to redirect runtime loading to hidden content that bypasses expected scanning. This vulnerability affects the specific feature and configuration related to runtime extension metadata and does not alter the trusted-operator security model. The impact depends on the operator's configuration and whether lower-trust inputs can access the vulnerable path. The issue is patched in version 2026.5.18. Until patched, mitigation includes installing only trusted plugins, maintaining explicit plugin allowlists, narrowing channel and tool allowlists, avoiding shared Gateways between untrusted users, and disabling the affected feature if not needed. Join the discussion | GCVE Database | 07/02/2026, 16:00:42 UTC Added: 07/02/2026, 22:57:22 UTC |
Showing 1 to 1 of 1 result